package com.benzhu.shiro.controller;

import com.benzhu.shiro.domain.User;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.UnauthorizedException;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller("UserController")
@RequestMapping("/")
public class UserController {

    @RequestMapping(value = "login")
    public String login(){
        return "login";
    }

    @RequestMapping(value = "usererror")
    public String error(){
        return "usererror";
    }

    @RequestMapping(value = "sublogin")
    public String sublogin(User user){
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(user.getUsername(),user.getPassword());
        try {
            subject.login(token);
            try {
                subject.checkRole("admin");
                subject.checkPermission("user:update");
                    //理解非注解也可以做转跳拦截之类的动作
                    if(subject.hasRole("admin")){
                        System.out.println("拥有admin角色！");
                    }
                    if(subject.isPermitted("user:update")){
                        System.out.println("拥有user:update权限！");
                    }
                return "index";
            }catch (UnauthorizedException exception){
                System.out.println("角色授权或者权限授权失败！");
                return "error";
            }
        }catch (AuthenticationException e){
            System.out.println("认证失败！");
            return "usererror";
        }
    }

    @RequiresRoles("admin")
    @RequestMapping("testroels")
    @ResponseBody
    public String testroels(){
        return "有admin角色！";
    }

    @RequiresRoles("admin1")
    @RequestMapping("testroels1")
    @ResponseBody
    public String testroels1(){
        return "有admin1角色！";
    }

    @RequiresPermissions("user:update")
    @RequestMapping("testPermission")
    @ResponseBody
    public String testPermission(){
        return "拥有user:update权限";
    }

    @RequiresPermissions("user:update1")
    @RequestMapping("testPermission1")
    @ResponseBody
    public String testPermission1(){
        return "拥有user:update1权限";
    }

    @RequiresRoles("admin")
    @RequestMapping("exit")
    public String exit(){
        Subject subject = SecurityUtils.getSubject();
        subject.logout();
        return "login";
    }

    @RequestMapping("roles1")
    @ResponseBody
    public String roles1(){
        return "拥有admin角色";
    }

    @RequestMapping("roles2")
    @ResponseBody
    public String roles2(){
        return "拥有admin和user角色";
    }

    @RequestMapping("permission1")
    @ResponseBody
    public String permission1(){
        return "拥有user:update权限";
    }

    @RequestMapping("permission2")
    @ResponseBody
    public String permission2(){
        return "拥有user:update和user:select权限";
    }

    @RequestMapping("roles3")
    @ResponseBody
    public String roles3(){
        return "拥有admin或者user角色";
    }
}
